Configuring the NAT Alarm Function

You can configure the NAT alarm function to strengthen the device administrator's capability to monitor NAT services in real time.

Context

NAT sessions and ports available are important resources for NAT services. If these resources are exhausted, NAT cannot be performed for traffic sent by newly logged-in users. Therefore, the usage of these resources must be properly monitored. The NAT alarm function enables a NAT device to generate an alarm when resource usage reaches a specified alarm threshold, which instructs the customer to implement capacity expansion or service adjustment.

Procedure

Set a maximum number of alarm packets that a NAT service board sends every second.

In VS mode, this configuration process is supported only by the admin VS.
1. Run system-view
  The system view is displayed.
2. Run nat alarm rate threshold-value
  The maximum number of alarm packets that a service board is allowed to send every second is set.
3. Run commit
  The configuration is committed.
Configure a device to generate an alarm when the number of NAT sessions on a NAT service board reaches the alarm threshold.

In VS mode, this configuration process is supported only by the admin VS.
1. Run system-view
  The system view is displayed.
2. (Optional) Run undo nat alarm session-number { log | trap } disable
  The trap or log function for the number of NAT sessions is enabled.
3. Run nat alarm session-number threshold threshold-value
  An alarm threshold is set for the proportion of the number of NAT sessions established to the maximum number on a NAT service board.
4. Run commit
  The configuration is committed.
Set an alarm threshold for user tables.

In VS mode, this configuration process is supported only by the admin VS.
1. Run system-view
  The system view is displayed.
2. (Optional) Run undo nat alarm user-table { log | trap } disable
  The trap or log function for user tables is enabled.
3. Run nat alarm user-table threshold threshold-value
  An alarm threshold is set for the proportion of the number of established user tables to the maximum number.
4. Run commit
  The configuration is committed.
Set an alarm threshold for No-PAT address pools.
1. Run system-view
  The system view is displayed.
2. Run nat instance instance-name [ id id ]
  The NAT instance view is displayed.
3. (Optional) Run nat alarm no-pat address-group { log | trap } disable
  The log or trap function is disabled for the No-PAT public address pool.
4. Run nat alarm no-pat address-group threshold threshold-value
  The alarm threshold is set for the proportion of the number of used No-PAT address pools to the maximum number.
5. Run commit
  The configuration is committed.
Configure the device to generate an alarm when server-map entry usage exceeds a specified threshold.

In VS mode, this configuration process is supported only by the admin VS.
1. Run system-view
  The system view is displayed.
2. (Optional) Run nat alarm server-map [ log | trap ] disable
  The log and alarm functions for server-map entries are disabled.
  
  The functions are enabled by default. To disable the functions, run the nat alarm server-map disable command.
3. Run nat alarm server-map threshold threshold-value
  The device is configured to generate an alarm when server-map entry usage exceeds a specified threshold.
  
  Run the display nat memory-usage servermap command to query the number of used server-map entries and the number of supported server-map entries. Server-map entry usage is as follows:
  
  Server-map entry usage = Number of used server-map entries/Number of server-map entries supported by the service board
4. Run commit
  The configuration is committed.